Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Please help. Srv123 ContentExplorer infected my computer. [Closed]

Started by SalazarC , Aug 19 2014 11:20 AM

  • This topic is locked This topic is locked

#1
SalazarC
Posted 19 August 2014 - 11:20 AM

SalazarC

    New Member

  • Member
  • Pip
  • 1 posts

This is blocking me from clicking on things going on pandora and even putting random ads on the side of chrome just chilling there. its opening links such as srv123 interyield etc please help me ;c http://i.gyazo.com/1...ea54d6f267d.png

 

 

 

OTL logfile created on: 8/19/2014 1:09:45 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Salazar\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.87 Gb Total Physical Memory | 4.38 Gb Available Physical Memory | 55.70% Memory free
15.73 Gb Paging File | 11.77 Gb Available in Paging File | 74.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 585.52 Gb Free Space | 62.86% Space Free | Partition Type: NTFS
Drive D: | 110.50 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: SALAZAR-PC | User Name: Salazar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2014/08/19 13:09:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Salazar\Downloads\OTL.exe
PRC - [2014/08/15 15:16:26 | 005,534,200 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.215\deploy\LoLLauncher.exe
PRC - [2014/08/08 13:08:03 | 008,506,632 | ---- | M] (Curse, Inc) -- C:\Users\Salazar\AppData\Roaming\Curse Client\Bin\Curse.exe
PRC - [2014/08/06 23:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/06/24 19:36:17 | 010,177,648 | ---- | M] (Coherent Labs) -- C:\Users\Salazar\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exe
PRC - [2014/06/23 11:41:22 | 000,585,560 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2014/05/23 06:16:36 | 000,504,832 | ---- | M] (LOL Replay) -- C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
PRC - [2014/03/11 17:44:52 | 000,241,728 | ---- | M] (Foxit Corporation) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
PRC - [2014/01/10 01:26:44 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013/11/20 16:43:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/08/30 03:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/08/22 07:01:50 | 000,074,752 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.104\deploy\LolClient.exe
PRC - [2013/05/07 10:26:10 | 001,302,080 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2013/02/18 17:39:26 | 000,348,888 | ---- | M] (NETGEAR,Inc.) -- C:\Program Files (x86)\NETGEAR\A6200\A6200.exe
PRC - [2012/09/24 17:28:04 | 000,029,984 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
PRC - [2012/03/29 01:38:24 | 000,363,800 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/03/29 01:38:22 | 000,277,784 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/03/29 01:38:06 | 000,165,144 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/03/26 13:14:26 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/08/15 15:16:27 | 001,635,832 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.215\deploy\RiotLauncher.dll
MOD - [2014/08/15 15:16:26 | 005,534,200 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.215\deploy\LoLLauncher.exe
MOD - [2014/08/06 23:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppgooglenaclpluginchrome.dll
MOD - [2014/08/06 23:20:54 | 014,669,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
MOD - [2014/08/06 23:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
MOD - [2014/08/06 23:20:49 | 000,718,152 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
MOD - [2014/08/06 23:20:47 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
MOD - [2014/08/06 23:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
MOD - [2014/05/23 06:16:24 | 000,379,904 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\LOLUtils.dll
MOD - [2014/05/22 14:39:28 | 000,160,768 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\Air.dll
MOD - [2014/05/19 17:05:14 | 000,437,248 | ---- | M] () -- C:\Users\Salazar\AppData\Roaming\Curse Client\Bin\WebRTC_CSharpWrapper.dll
MOD - [2014/05/19 17:04:42 | 000,861,696 | ---- | M] () -- C:\Users\Salazar\AppData\Roaming\Curse Client\Bin\ffmpegsumo.dll
MOD - [2014/05/19 17:04:42 | 000,307,712 | ---- | M] () -- C:\Users\Salazar\AppData\Roaming\Curse Client\Bin\opus.dll
MOD - [2014/05/15 13:43:32 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\Launcher.dll
MOD - [2014/02/03 09:35:28 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\6c422db78c17838c3eb9f9fcc01ca63f\System.Management.ni.dll
MOD - [2014/02/03 09:35:24 | 018,151,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\908226a70937e30fde6f46e8952bdd69\System.ServiceModel.ni.dll
MOD - [2014/02/03 09:34:32 | 000,194,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\729da3bff06db24c800c87b743d2049f\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2014/02/03 09:34:16 | 012,177,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\5cbb907ca5974c5c247e156008e3de6f\System.Web.ni.dll
MOD - [2014/02/03 09:34:11 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\46863d4abf7db3e009962abc8710c945\System.Runtime.Remoting.ni.dll
MOD - [2014/02/03 09:34:10 | 000,787,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bfa9e814cb8b662508aa93ae387b434f\System.EnterpriseServices.ni.dll
MOD - [2014/02/03 09:34:10 | 000,236,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bfa9e814cb8b662508aa93ae387b434f\System.EnterpriseServices.Wrapper.dll
MOD - [2014/02/03 09:34:09 | 001,031,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\ca15ec0f5c010ab2c6d159e3b2147aeb\System.Runtime.DurableInstancing.ni.dll
MOD - [2014/02/03 09:34:09 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\102014a4f570b1dc944ff7eb8e1c6e2b\System.Transactions.ni.dll
MOD - [2014/02/03 09:34:08 | 002,659,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\034c10f22a6d498beaf042175d03e092\System.Runtime.Serialization.ni.dll
MOD - [2014/02/03 09:34:08 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\2ae4f0b09f237e65b51979476c5bb03c\SMDiagnostics.ni.dll
MOD - [2014/02/03 09:34:06 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\f58dc6b661c4fb91c68945da9b701135\System.Xml.Linq.ni.dll
MOD - [2014/02/03 09:33:59 | 001,837,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\bb18135ed784c4a25ba904c540ac9dc2\Microsoft.VisualBasic.ni.dll
MOD - [2014/02/03 09:33:48 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2014/02/03 08:23:00 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll
MOD - [2014/02/03 08:22:55 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2014/02/03 08:22:50 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2014/02/03 08:22:40 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2014/02/03 08:22:32 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2014/02/03 08:21:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2014/02/03 08:21:35 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2014/02/03 08:21:32 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2014/02/03 08:21:30 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2014/02/03 08:21:28 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2014/02/03 08:21:23 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2014/02/01 19:22:23 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\5d78e93b536a684eb418fb8522da4a4a\PresentationFramework.ni.dll
MOD - [2014/02/01 19:22:08 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\d05cc24279dde54f19a2fb72d6abfe4e\PresentationCore.ni.dll
MOD - [2014/02/01 19:22:06 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\325d0892f38cfa9dc4dd834066b218de\System.Windows.Forms.ni.dll
MOD - [2014/02/01 19:22:05 | 006,866,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\b721c9c05baec5545594073c5593eacf\System.Data.ni.dll
MOD - [2014/02/01 19:22:03 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
MOD - [2014/02/01 19:22:00 | 000,693,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\7dd3be81af8b03416ad0109af26997b9\System.ComponentModel.Composition.ni.dll
MOD - [2014/02/01 19:21:59 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\228b114c79c5d9024bdb4cc580e32c09\PresentationFramework.Aero.ni.dll
MOD - [2014/02/01 19:21:58 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll
MOD - [2014/02/01 19:21:54 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2014/02/01 19:21:54 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2014/02/01 19:21:53 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\e9bec15c21b4c0f781bb26e944bd537d\WindowsBase.ni.dll
MOD - [2014/02/01 19:21:49 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2014/02/01 19:21:45 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\cfbc74c91b44af85d10b272ae5c70d5a\System.Numerics.ni.dll
MOD - [2014/02/01 19:21:43 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2014/01/10 01:28:18 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2014/01/10 01:26:44 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2013/09/14 02:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
MOD - [2013/09/14 02:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
MOD - [2013/09/13 20:51:44 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/09/13 20:51:20 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/08/22 07:01:50 | 000,074,752 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.104\deploy\LolClient.exe
MOD - [2013/05/07 10:26:10 | 001,302,080 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/08/01 22:29:58 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/05/21 00:33:44 | 000,314,696 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:64bit: - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/03/07 02:00:46 | 000,629,984 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/07/15 22:28:18 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/07/08 21:24:20 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/21 00:33:48 | 000,278,344 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/03/11 17:44:52 | 000,241,728 | ---- | M] (Foxit Corporation) [Auto | Running] -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -- (FoxitCloudUpdateService)
SRV - [2014/02/28 16:23:52 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/22 04:23:52 | 000,024,576 | ---- | M] (Realtek Semiconductor.) [Auto | Stopped] -- C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe -- (SetupARService)
SRV - [2012/09/24 17:28:04 | 000,029,984 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe -- (WNDA6200)
SRV - [2012/04/24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2012/03/29 01:38:24 | 000,363,800 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/03/29 01:38:22 | 000,277,784 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/03/29 01:38:06 | 000,165,144 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/05/21 00:33:36 | 003,791,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/05/19 02:47:30 | 000,039,080 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2014/05/19 02:47:28 | 000,155,816 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2013/10/23 10:11:22 | 000,129,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2013/08/30 03:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/08/30 03:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/08/30 03:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/08/30 03:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/08/30 03:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/08/30 03:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/08/30 03:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/08/30 03:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/02/28 17:54:38 | 002,567,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWLHIGH664.SYS -- (A6200)
DRV:64bit: - [2012/12/19 08:42:10 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\t_mouse.sys -- (t_mouse.sys)
DRV:64bit: - [2012/12/13 15:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/03/26 13:13:20 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/03/26 13:13:20 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/03/26 13:13:18 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/16 01:42:00 | 000,676,968 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 07:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/06/26 01:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/10/18 16:53:14 | 000,552,888 | ---- | M] (PassMark Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Counter-Strike Global Offensive\image\x64\OSFMount.sys -- (OSFMount)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2496}: "URL" = http://www.default-s...p={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2496}: "URL" = http://www.default-s...p={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2496}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2496}: "URL" = http://www.default-s...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49235;https=127.0.0.1:49235
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tongbu.com/tongbu,version=0.1: C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll (同步网络平台)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\egtcps.com/captures: C:\Program Files (x86)\EagleGet\captures.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/09/28 09:44:33 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: 
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\Salazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Salazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\Salazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Adblock Plus = C:\Users\Salazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Google Search = C:\Users\Salazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Google Wallet = C:\Users\Salazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Salazar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ͬ²½Ò»¼ü°²×°Ö§³Ö) - {F72C8153-7140-4FEE-8F69-CA4579D71195} - C:\Program Files (x86)\Tongbu\Addin\tbIEAddin.dll (同步网络平台)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [GENIE] C:\Program Files (x86)\NETGEAR\A6200\A6200.exe (NETGEAR,Inc.)
O4:64bit: - HKLM..\Run: [LanuchApp] C:\Program Files (x86)\NETGEAR\A6200\LanuchApp.exe ()
O4:64bit: - HKLM..\Run: [MouseDriver] C:\Windows\SysNative\TiltWheelMouse.exe (Pixart Imaging Inc)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [ContentExplorer] C:\Users\Salazar\AppData\Roaming\ContentExplorer\ContentExplorer.exe (ContentExplorer)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Itibiti.exe] C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe File not found
O4 - Startup: C:\Users\Salazar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk = C:\Users\Salazar\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D35A877-AF52-468C-8D21-123C07E689EA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{919D69B0-C26F-40DE-8921-9EA900CB6115}: DhcpNameServer = 10.0.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/08/09 07:53:28 | 000,436,040 | R--- | M] (NETGEAR Inc.) - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006/05/30 04:27:40 | 000,000,047 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{aa2aca88-1fcb-11e3-9163-d43d7e4f071e}\Shell - "" = AutoRun
O33 - MountPoints2\{aa2aca88-1fcb-11e3-9163-d43d7e4f071e}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{aa2aca88-1fcb-11e3-9163-d43d7e4f071e}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{aa2aca88-1fcb-11e3-9163-d43d7e4f071e}\Shell\install\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{dd7919ee-0b19-11e3-aa5b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dd7919ee-0b19-11e3-aa5b-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2012/08/09 07:53:28 | 000,436,040 | R--- | M] (NETGEAR Inc.)
O33 - MountPoints2\{fa6d5fc3-2093-11e3-ad18-d43d7e4f071e}\Shell - "" = AutoRun
O33 - MountPoints2\{fa6d5fc3-2093-11e3-ad18-d43d7e4f071e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/08/07 18:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR A6200 Genie
[2014/08/07 18:07:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NETGEAR
[2014/08/07 18:03:05 | 000,035,344 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys
[2014/08/07 18:01:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NETGEAR
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/08/19 13:05:50 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/08/19 13:05:50 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/08/19 12:44:24 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/08/19 12:44:24 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/19 12:44:24 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/19 12:39:11 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/19 12:38:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/19 12:38:15 | 2039,181,311 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/19 04:28:50 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/19 04:24:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/08/16 17:53:25 | 000,367,340 | ---- | M] () -- C:\Users\Salazar\Desktop\IMG_0793.JPG
[2014/08/16 17:53:24 | 000,444,364 | ---- | M] () -- C:\Users\Salazar\Desktop\IMG_0790.JPG
[2014/08/16 17:53:24 | 000,277,063 | ---- | M] () -- C:\Users\Salazar\Desktop\IMG_0791.JPG
[2014/08/16 17:53:23 | 000,306,586 | ---- | M] () -- C:\Users\Salazar\Desktop\IMG_0792.JPG
[2014/08/15 15:30:54 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/07 18:08:33 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR A6200 Genie.lnk
[2014/08/07 18:04:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
[2014/08/01 22:29:58 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/08/01 22:29:58 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/08/01 21:31:02 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/08/16 17:53:25 | 000,367,340 | ---- | C] () -- C:\Users\Salazar\Desktop\IMG_0793.JPG
[2014/08/16 17:53:24 | 000,444,364 | ---- | C] () -- C:\Users\Salazar\Desktop\IMG_0790.JPG
[2014/08/16 17:53:23 | 000,277,063 | ---- | C] () -- C:\Users\Salazar\Desktop\IMG_0791.JPG
[2014/08/16 17:53:22 | 000,306,586 | ---- | C] () -- C:\Users\Salazar\Desktop\IMG_0792.JPG
[2014/08/07 18:08:33 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\NETGEAR A6200 Genie.lnk
[2014/08/07 18:04:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
[2014/08/01 22:29:58 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/08/01 22:29:58 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/05/21 00:33:38 | 000,348,088 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2014/05/21 00:33:32 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/05/21 00:33:32 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2014/03/27 20:02:10 | 000,000,046 | ---- | C] () -- C:\Users\Salazar\jagex_cl_runescape_LIVE.dat
[2014/03/27 20:02:10 | 000,000,024 | ---- | C] () -- C:\Users\Salazar\random.dat
[2013/11/17 00:20:42 | 007,485,431 | ---- | C] () -- C:\Windows\SysWow64\avcodec_32-54.dll
[2013/11/17 00:20:42 | 001,288,352 | ---- | C] () -- C:\Windows\SysWow64\avformat_32-54.dll
[2013/11/17 00:20:42 | 000,395,374 | ---- | C] () -- C:\Windows\SysWow64\swscale_32-2.dll
[2013/11/17 00:20:42 | 000,231,356 | ---- | C] () -- C:\Windows\SysWow64\avutil_32-51.dll
[2013/09/08 19:21:19 | 000,772,262 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/12/14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
 
========== ZeroAccess Check ==========
 
[2013/08/22 20:19:05 | 000,000,082 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-3086147217-3029195800-3389292599-1000\$RHDKDPE\Flash Player\#SharedObjects\3R2WJHJC\t.cxt.ms\lso.swf\u.sol
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/02/19 17:33:56 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\.minecraft
[2013/12/02 16:02:45 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\abgx360
[2014/05/22 21:46:46 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\AnvSoft
[2014/07/22 03:18:52 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\BitTorrent
[2014/08/05 12:08:08 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\ContentExplorer
[2014/05/04 11:37:17 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\Curse
[2014/06/03 15:48:40 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\Curse Client
[2014/07/16 20:09:20 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\Foxit Software
[2013/12/25 20:23:22 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\Gyazo
[2013/08/26 03:42:41 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\ImgBurn
[2013/08/22 13:14:29 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\LolClient
[2014/05/29 19:45:35 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\Mipony
[2014/07/12 07:28:11 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\OBS
[2013/11/18 23:59:11 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\PowerISO
[2013/08/22 06:47:24 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\Riot Games
[2014/03/10 16:01:28 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\Sony
[2014/02/16 02:54:51 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\TS3Client
[2014/05/19 06:51:27 | 000,000,000 | ---D | M] -- C:\Users\Salazar\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
< End of report >
--------------- Next is the extras

OTL Extras logfile created on: 8/19/2014 1:09:45 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Salazar\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.87 Gb Total Physical Memory | 4.38 Gb Available Physical Memory | 55.70% Memory free
15.73 Gb Paging File | 11.77 Gb Available in Paging File | 74.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 585.52 Gb Free Space | 62.86% Space Free | Partition Type: NTFS
Drive D: | 110.50 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: SALAZAR-PC | User Name: Salazar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08968D8B-E49A-44AF-B4D7-840CDD80BFE1}" = rport=138 | protocol=17 | dir=out | app=system | 
"{0B0B220C-1617-4BFF-B07C-017EA2519538}" = lport=137 | protocol=17 | dir=in | app=system | 
"{340777D3-98B2-4808-B893-12CC15D97096}" = lport=139 | protocol=6 | dir=in | app=system | 
"{3F27CCDC-6A86-4178-ACD6-E115484DED45}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4E57EE22-4204-4807-A0CC-B6A9D0D8A1F1}" = lport=138 | protocol=17 | dir=in | app=system | 
"{6192344C-996A-4F64-ABE6-EC595A24B7E9}" = lport=445 | protocol=6 | dir=in | app=system | 
"{94B14DE6-B8E4-459E-ABC8-6B51002B2840}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B37206AF-C274-4683-92F7-4FE858D07166}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{C2CAF282-9BC3-44B1-A753-A611A083E47D}" = rport=139 | protocol=6 | dir=out | app=system | 
"{C756A21A-2505-4981-B7B9-FD6FDCFA448F}" = rport=445 | protocol=6 | dir=out | app=system | 
"{D1F88FF2-BA19-45F8-A58D-51ED9203F868}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D45C4B77-7718-4AD5-AF5A-1AD17D85BCD2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{F77922D1-11A9-481B-97F3-29CD92829B30}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0084EB50-D23A-49C7-BD53-49808825EE25}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{0C46E14F-174E-436F-8A73-2D0A9FF630AC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe | 
"{1421F7DF-6F63-4F11-9803-F89275924DA1}" = protocol=17 | dir=in | app=c:\users\salazar\appdata\roaming\utorrent\utorrent.exe | 
"{31B0DBC9-6B70-4E2A-9583-89A1509B6795}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{369792FA-A74A-40FA-94CB-0A3CC8B00559}" = protocol=58 | dir=out | [email protected],-28546 | 
"{41EE564C-ED0B-4E05-9091-5971CE00A8DC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{4703CB49-52DC-4BFC-811D-98AEC3A71679}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2816\agent.exe | 
"{4E759637-A160-4A6F-8C73-A1364CEEED98}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | 
"{4FE85B05-3B5D-4191-8686-672182214929}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{5155EBEE-C3FE-426A-B360-C4D8DBD29EF6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe | 
"{59118C90-54C0-4D31-9D6E-C1ACEA6AAABF}" = protocol=1 | dir=in | [email protected],-28543 | 
"{5D243488-9B64-45D8-ACEE-819C31DD9464}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{5D65E788-EA7B-4AB2-83FB-3B4CEA1151CA}" = protocol=17 | dir=in | app=c:\users\salazar\appdata\roaming\bittorrent\bittorrent.exe | 
"{62ECE1CD-CE3A-4CFB-8BB1-765E24C596D2}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | 
"{66001526-06CD-4935-BA9B-F8390BEC6231}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | 
"{6695B3DD-9E80-44D3-BC39-3214118DB5BA}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | 
"{67F89869-2EC9-4EC4-98DE-54F2AA78BF92}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | 
"{6D7760BC-4A3A-434F-956D-640375F15FFB}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{6ECC375E-04B4-4327-AD75-7C9FE7412F9A}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | 
"{7D22C316-AB01-487C-AAFB-73A724E838E4}" = protocol=1 | dir=out | [email protected],-28544 | 
"{8D825343-B236-4467-B22F-407F9B634A69}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{956A1A5C-5ED5-41C5-BCD6-1207AA054D45}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | 
"{964987D3-11E9-4FF1-956A-3190E89A24CE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{987BFBB4-BCDA-4A47-A462-E019BAD2C7EA}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{991B76A3-5F87-4F72-BD9F-A3AE1783CCEB}" = protocol=58 | dir=in | [email protected],-28545 | 
"{A0F6FBAF-4808-4E4F-B845-552A7C90E1C5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | 
"{A24AD0B9-5FC2-47B5-8A4E-A277BED97B9B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{BA1ECDF6-CD9A-4BA7-87CA-FC35C9C0E351}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe | 
"{C0C2A30B-1EF7-44D9-BC8D-2AF0CB73A089}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe | 
"{C3246EE9-DC6B-496B-ACE3-32BDB3B27CD9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | 
"{C8E00530-B7F5-44EE-9C0D-009CDD9D000F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{D784BAC4-A3A0-49AB-AF19-52BA628E6158}" = protocol=6 | dir=in | app=c:\users\salazar\appdata\roaming\utorrent\utorrent.exe | 
"{D9C8B8F9-6F12-4971-96AB-4C4414A22284}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{DFB98A93-F0D5-41CE-A3C0-E8FB548628FD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | 
"{E0B485F6-730D-45FF-B907-1BFC0D765C8B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{E872C588-EA4A-4D6F-9AD4-04C5B9000A2D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{ECED8ECB-DF59-4503-8100-A019D3398E7E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{F19ECF2B-23FD-4695-83E4-47AB6F911EA1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2816\agent.exe | 
"{F85F873C-44BB-4973-A118-D75491655853}" = protocol=6 | dir=in | app=c:\users\salazar\appdata\roaming\bittorrent\bittorrent.exe | 
"{FD798E1E-8BD3-45FE-9735-D82E1EFC7D7B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | 
"{FF961841-56D6-46C2-978D-731683893DC9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | 
"TCP Query User{48545927-9FCE-4F65-B9A4-154640C632C9}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe | 
"TCP Query User{4E25D4E6-8A35-4459-8223-872A02C641EA}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{5DE8923D-47F6-4F8A-9765-853380DF93F4}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | 
"TCP Query User{796004FD-D7D2-41DB-AC6D-09D2B2ACB5B8}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | 
"TCP Query User{8E23562E-D6FF-48E0-BC64-7517A0ED0EE1}C:\users\salazar\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\salazar\downloads\utorrent.exe | 
"TCP Query User{B4736D64-E865-4F74-A02C-BFFFE6C9C154}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base28667\sc2.exe | 
"TCP Query User{C144B2D5-C8B7-4E7E-B4FA-B139138A532A}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | 
"TCP Query User{D346E839-5347-4A7E-940D-B1B39EEDC5B9}C:\Program Files (x86)\Counter-Strike Global Offensive\csgo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike global offensive\csgo.exe | 
"TCP Query User{DB7D6141-5844-481B-919C-AB3D97CF04CB}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe | 
"UDP Query User{00E18E03-6F1B-48F0-9142-DA1990BF6EE8}C:\users\salazar\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\salazar\downloads\utorrent.exe | 
"UDP Query User{4A38E7D7-81E6-406F-AD04-C3E11D6FAFA0}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base28667\sc2.exe | 
"UDP Query User{4F117658-E122-4822-A26E-15313A5FBD03}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{79E34F6B-6C2B-4EEA-9B06-BED799C76C9C}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | 
"UDP Query User{9129691B-7FC4-4492-ABEF-28B724B694AF}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe | 
"UDP Query User{AE03F100-6436-4EEE-B541-C57AF401E420}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | 
"UDP Query User{B80FBBC6-C9A9-459B-B701-8EE955206B2B}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe | 
"UDP Query User{BDF4D96D-6022-4FA3-BC45-5B2AA4D04DA7}C:\Program Files (x86)\Counter-Strike Global Offensive\csgo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike global offensive\csgo.exe | 
"UDP Query User{C56CE178-ED0A-4E9F-A5D7-9E01775AA0C3}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series" = Canon MX410 series MP Drivers
"{171C7193-1BB5-4619-BF23-E962598CAB13}" = Intel® Trusted Connect Service Client
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{BD422D00-5232-11E3-A6F3-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{C2B8CBDE-5232-11E3-B494-F04DA23A5C58}" = MSVCRT Redists
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"D3DGear_is1" = D3DGear
"jdownloader2" = JDownloader 2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"WinRAR archiver" = WinRAR 4.20 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{21CA0444-2355-4DF5-8D60-D6D28875E1D1}_is1" = Adobe Photoshop CS6 version 13.0
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1" = Foxit Cloud
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{48E61F3E-61D4-42A3-9D29-D0CF40838779}" = NETGEAR A6200 Genie
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 2.0.2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}" = Curse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"abgx360" = abgx360 v1.0.6
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"avast" = avast! Free Antivirus
"Canon MX410 series User Registration" = Canon MX410 series User Registration
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Cisco Connect" = Cisco Connect
"Counter-Strike Global Offensive_is1" = Counter-Strike Global Offensive [No-Steam]
"DivX Setup" = DivX-Setup
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Foxit Reader_is1" = Foxit Reader
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"ImgBurn" = ImgBurn
"League of Legends 3.0.0" = League of Legends
"LOLReplay" = LOLReplay
"MP Navigator EX 4.1" = Canon MP Navigator EX 4.1
"Open Broadcaster Software" = Open Broadcaster Software
"PowerISO" = PowerISO
"Speed Dial Utility" = Canon Speed Dial Utility
"StarCraft II" = StarCraft II
"Steam" = Steam
"Steam App 221100" = DayZ
"Steam App 240" = Counter-Strike: Source
"Steam App 4000" = Garry's Mod
"Tongbu2" = Tongbu Assistant 2.1.2.0
"WORD" = Microsoft Office Word 2007
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 8/15/2014 3:09:31 PM | Computer Name = Salazar-PC | Source = SetupARService | ID = 0
Description = Service cannot be started. System.NullReferenceException: Object reference
 not set to an instance of an object.     at SetupAfterRebootService.SetupARService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 8/15/2014 7:05:39 PM | Computer Name = Salazar-PC | Source = SetupARService | ID = 0
Description = Service cannot be started. System.NullReferenceException: Object reference
 not set to an instance of an object.     at SetupAfterRebootService.SetupARService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 8/15/2014 8:02:06 PM | Computer Name = Salazar-PC | Source = SetupARService | ID = 0
Description = Service cannot be started. System.NullReferenceException: Object reference
 not set to an instance of an object.     at SetupAfterRebootService.SetupARService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 8/15/2014 8:06:53 PM | Computer Name = Salazar-PC | Source = SetupARService | ID = 0
Description = Service cannot be started. System.NullReferenceException: Object reference
 not set to an instance of an object.     at SetupAfterRebootService.SetupARService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 8/16/2014 3:51:17 PM | Computer Name = Salazar-PC | Source = SetupARService | ID = 0
Description = Service cannot be started. System.NullReferenceException: Object reference
 not set to an instance of an object.     at SetupAfterRebootService.SetupARService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 8/17/2014 12:15:49 PM | Computer Name = Salazar-PC | Source = SetupARService | ID = 0
Description = Service cannot be started. System.NullReferenceException: Object reference
 not set to an instance of an object.     at SetupAfterRebootService.SetupARService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 8/17/2014 9:31:37 PM | Computer Name = Salazar-PC | Source = Application Error | ID = 1000
Description = Faulting application name: rads_user_kernel.exe, version: 0.0.0.0,
 time stamp: 0x4e65c1ac  Faulting module name: rads_user_kernel.exe, version: 0.0.0.0,
 time stamp: 0x4e65c1ac  Exception code: 0xc0000005  Fault offset: 0x000b8554  Faulting
 process id: 0xb00  Faulting application start time: 0x01cfba84274153d8  Faulting application
 path: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe  Faulting 
module path: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe  Report
 Id: 6537c89f-2677-11e4-a4de-d43d7e4f071e
 
Error - 8/18/2014 1:03:37 PM | Computer Name = Salazar-PC | Source = SetupARService | ID = 0
Description = Service cannot be started. System.NullReferenceException: Object reference
 not set to an instance of an object.     at SetupAfterRebootService.SetupARService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 8/18/2014 11:09:39 PM | Computer Name = Salazar-PC | Source = SetupARService | ID = 0
Description = Service cannot be started. System.NullReferenceException: Object reference
 not set to an instance of an object.     at SetupAfterRebootService.SetupARService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 8/19/2014 12:39:49 AM | Computer Name = Salazar-PC | Source = Application Error | ID = 1000
Description = Faulting application name: rads_user_kernel.exe, version: 0.0.0.0,
 time stamp: 0x4e65c1ac  Faulting module name: rads_user_kernel.exe, version: 0.0.0.0,
 time stamp: 0x4e65c1ac  Exception code: 0xc0000005  Fault offset: 0x000b8554  Faulting
 process id: 0x810  Faulting application start time: 0x01cfbb679a5d3ebd  Faulting application
 path: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe  Faulting 
module path: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe  Report
 Id: da34b0a6-275a-11e4-94d7-d43d7e4f071e
 
Error - 8/19/2014 12:38:37 PM | Computer Name = Salazar-PC | Source = SetupARService | ID = 0
Description = Service cannot be started. System.NullReferenceException: Object reference
 not set to an instance of an object.     at SetupAfterRebootService.SetupARService.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
[ System Events ]
Error - 3/19/2014 2:54:54 PM | Computer Name = Salazar-PC | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
 error:   %%1064
 
Error - 3/20/2014 3:01:10 PM | Computer Name = Salazar-PC | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
 error:   %%1064
 
Error - 3/21/2014 7:18:18 AM | Computer Name = Salazar-PC | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
 error:   %%1064
 
Error - 3/21/2014 6:30:43 PM | Computer Name = Salazar-PC | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
 error:   %%1064
 
Error - 3/22/2014 11:25:48 AM | Computer Name = Salazar-PC | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
 error:   %%1064
 
Error - 3/22/2014 7:12:08 PM | Computer Name = Salazar-PC | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
 error:   %%1064
 
Error - 3/22/2014 11:39:54 PM | Computer Name = Salazar-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
 Client Service service to connect.
 
Error - 3/22/2014 11:39:54 PM | Computer Name = Salazar-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
 error:   %%1053
 
Error - 3/23/2014 12:51:30 PM | Computer Name = Salazar-PC | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
 error:   %%1064
 
Error - 3/25/2014 2:55:21 PM | Computer Name = Salazar-PC | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
 error:   %%1064
 
 
< End of report >
 
 

  • 0

Advertisements

#2
Essexboy
Posted 20 August 2014 - 08:05 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there does this only happen in chrome ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]

:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49235;https=127.0.0.1:49235
O2 - BHO: (ͬ²½Ò»¼ü°²×°Ö§³Ö) - {F72C8153-7140-4FEE-8F69-CA4579D71195} - C:\Program Files (x86)\Tongbu\Addin\tbIEAddin.dll (??????)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKCU..\Run: [Itibiti.exe] C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe File not found

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
FINALLY

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#3
Essexboy
Posted 25 August 2014 - 02:58 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP